NetworkManager Openconnect and PKCS11

Grant Williamson traxtopel at gmail.com
Mon Dec 6 03:55:46 PST 2021


Connecting using the command line works.

openconnect --csd-wrapper=/usr/share/ibm-config-NetworkManager-openconnect/csd.sh \
  -k "pkcs11:manufacturer=STMicro;serial=0000000000000000;token=label;id=%32%31%66%61%39%32%34%37%34%66%63%39%61%66%61%62;type=private;pin-value=userpin" \
  -c 12345-VPN.cer https://myvpn.com

Creating the following profile.
nmcli connection add type vpn vpn.service-type openconnect con-name digicert \
  vpn.data "gateway=myvpn.com, authtype=cert, \
usercert=/home/nl96137/.cisco/certificates/client/12345-VPN.cer, \
userkey=pkcs11:manufacturer=STMicro;serial=0000000000000000;token=label;id=%32%31%66%61%39%32%34%37%34%66%63%39%61%66%61%62;type=private;pin-value=userpin, \
csd_wrapper=/usr/share/ibm-config-NetworkManager-openconnect/csd.sh"

Results in
Error importing PKCS#11 URL
pkcs11:manufacturer=STMicro;serial=0000000000000000;token=label;id=%32%31%66%61%39%32%34%37%34%66%63%39%61%66%61%62;type=private;pin-value=userpin.
The requested PKCS #11 object is not available,
Loading certificate failed.

Running RHEL 8.5
NetworkManager-1.32.10
NetworkManager-openconnect-1.2.6

Any clues to what I am doing wrong?


